ThalesGroup/CipherTrust_Application_Protection

Pkcs11Interop data object

bartengine27 opened this issue · 3 comments

Dear,

Adding data objects on a Gemalto ID Prime MD with the Pkcs11Interop library succeeds insofar as the data objects are visible in the SafeNet Authentication Client. Querying the data objects with the Pkcs11Interop library or with Pkcs11Admin fails (no data objects are visible).

Is this a known issue?

Thanks,
Bart

@bartengine27, I am getting someone to have a look at this and get back to you soon.

Thanks and I appreciate your patience.
Anurag

Dear Anugram,

Thanks for the feedback!

Below is some more information to reproduce the issue.

Regards,
Bart

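        // Requires: using System.Collections.Generic; using Net.Pkcs11Interop.Common; using Net.Pkcs11Interop.HighLevelAPI;
        // factories, pkcs11LibraryPath, Helpers and Settings are not shown in this snippet.
        private static void GenerateDataObject()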
        {
            using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, pkcs11LibraryPath, AppType.MultiThreaded))
            {
                // Find first slot with token present
                ISlot slot = Helpers.GetUsableSlot(pkcs11Library);

                // Open RW session
                using (ISession session = slot.OpenSession(SessionType.ReadWrite))
                {
                    // Login as normal user
                    session.Login(CKU.CKU_USER, Settings.NormalUserPin);
                    byte[] encryptedBackupSecret = ConvertUtils.Utf8StringToBytes("my secret");                    
                    // https://thalesdocs.com/gphsm/ptk/5.9/docs/Content/PTK-C_Program/Obj_Classes/create_mod_copy_del.htm
                    // check CKF_LOGIN_REQUIRED 
                    List<IObjectAttribute> createObjectAttributes = new List<IObjectAttribute>();
                    createObjectAttributes.Add(session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_DATA));
                    createObjectAttributes.Add(session.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true));
                    createObjectAttributes.Add(session.Factories.ObjectAttributeFactory.Create(CKA.CKA_PRIVATE, true));
                    createObjectAttributes.Add(session.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, "data_object_test"));
                    createObjectAttributes.Add(session.Factories.ObjectAttributeFactory.Create(CKA.CKA_APPLICATION, "element"));
                    createObjectAttributes.Add(session.Factories.ObjectAttributeFactory.Create(CKA.CKA_VALUE, encryptedBackupSecret));
                    var createdObject = session.CreateObject(createObjectAttributes);            

                    session.Logout();
                }
            }
        }
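
The read-back side of the reproduction above, as an added example that is not part of the original post or of the project's code: it lists `CKO_DATA` token objects before and after login, because under PKCS#11 an object created with `CKA_PRIVATE` set to true is only returned to a session in which the user is logged in. `LibraryPath` and `UserPin` are placeholders, and the class and method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;

static class DataObjectQuery
{
    // Placeholders (assumptions): set these for your token and middleware.
    const string LibraryPath = "<path-to-vendor-pkcs11-library>";
    const string UserPin = "<user-pin>";

    // Returns the labels of all CKO_DATA token objects visible to this session.
    static List<string> ListDataObjectLabels(ISession session)
    {
        var template = new List<IObjectAttribute>
        {
            session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_DATA),
            session.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true)
        };
        var labels = new List<string>();
        foreach (IObjectHandle handle in session.FindAllObjects(template))
        {
            List<IObjectAttribute> attrs =
                session.GetAttributeValue(handle, new List<CKA> { CKA.CKA_LABEL });
            labels.Add(attrs[0].CannotBeRead ? "<unreadable>" : attrs[0].GetValueAsString());
        }
        return labels;
    }

    static void Main()
    {
        var factories = new Pkcs11InteropFactories();
        using (IPkcs11Library lib = factories.Pkcs11LibraryFactory.LoadPkcs11Library(
                   factories, LibraryPath, AppType.MultiThreaded))
        {
            // First slot with a token present; adjust if several tokens are attached.
            ISlot slot = lib.GetSlotList(SlotsType.WithTokenPresent)[0];
            using (ISession session = slot.OpenSession(SessionType.ReadOnly))
            {
                // Public session: private objects are not part of the search result.
                Console.WriteLine("Before login: " + ListDataObjectLabels(session).Count);

                session.Login(CKU.CKU_USER, UserPin);
                try
                {
                    // Logged-in session: private and public data objects are searched.
                    foreach (string label in ListDataObjectLabels(session))
                        Console.WriteLine("After login: " + label);
                }
                finally { session.Logout(); }
            }
        }
    }
}
```

If the "after login" list is still empty while the vendor client shows the object, the difference lies below the search template used here, for example in how the token middleware stores or exposes data objects.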

Dear @anugram

Do you have an update? Anything I can do to help?

Thanks,
Bart